CVE-2010-5280P3HIGHCVSS 7.5PoCv1.4.8·v1.4.9+1 more2012-11-26
CVE-2010-5280 [HIGH] CWE-22 CVE-2010-5280: Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8,
Directory traversal vulnerability in the Community Builder Enhanced (CBE) (com_cbe) component 1.4.8, 1.4.9, and 1.4.10 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the tabname parameter in a userProfile action to index.php. NOTE: this can be leveraged to execute arbitrary code by using the file up
nvd